Bug 782060 – ntpq is very slow

Bug 782060 - ntpq is very slow


Summary:	ntpq is very slow

Status:	VERIFIED FIXED

Classification:	openSUSE
Product:	openSUSE 12.2
Classification:	openSUSE
Component:	Other
Version:	Final
Hardware:	x86-64 openSUSE 12.2

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assigned To:	Peter Varkoly
QA Contact:	E-mail List

URL:
Whiteboard:	maint:running:62642:low maint:release...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2012-09-25 14:08 UTC by Bernhard Wiedemann
Modified:	2016-08-18 15:53 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Development
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
patch: don't ask for ntp service (394 bytes, patch) 2012-11-12 14:20 UTC, Bernhard Wiedemann	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bernhard Wiedemann 2012-09-25 14:08:14 UTC

# time ntpq -pn
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 127.127.1.0     .LOCL.          10 l  54m   64    0    0.000    0.000   0.000
*5.9.55.149      130.133.1.10     2 u  162  256  377    4.528    0.075   1.051
-176.28.8.111    187.95.28.233    3 u   64  256  377   13.549  -11.302   1.331
+38.229.71.1     172.16.32.4      2 u  137  256  377  117.416    1.492   2.391
+199.167.198.163 128.4.1.1        2 u  141  256  377   94.616   -2.757   0.575

real    0m0.900s
user    0m0.780s
sys     0m0.088s

strace -o /tmp/ntpq.strace ntpq -pn
grep "Active Measurement Protocol" /tmp/ntpq.strace|wc -l
64

So for some reason it is reading /etc/services 64 times.

while
strace -o /tmp/getent.strace getent services ntp
shows that it just reads the file once.

Comment 1 Bernhard Wiedemann 2012-09-25 14:16:14 UTC

for comparison: on a debian/6.0.5(squeeze) system with ntp-4.2.6
it takes 0.003 s
reading /etc/services 8 times
and the file is only 20kB there instead of our 748kB

Comment 2 Bernhard Wiedemann 2012-11-12 14:20:19 UTC

Created attachment 512792 [details]
patch: don't ask for ntp service

With help of Andreas Schwab I found this.
I verified that this one-line patch speeds up ntpq -pn by a factor of 7.
The alternative is to add
	hints.ai_socktype = SOCK_DGRAM;

The underlying problem is that getaddrinfo will read /etc/services
once for every possible protocol, if you don't specify either
ai_socktype or ai_protocol
and for protocols other than tcp and udp, 
it will read the big file until the very end.
Also nscd is not configured to cache services.

Comment 3 Bernhard Wiedemann 2012-11-12 16:43:09 UTC

btw: in SLE-11-SP2, nscd supports caching services by default
and even without that, ntpq -pn is faster (approx factor 5)
only reading the full /etc/services 4 times
and the beginning (up to port 123) of it another 4 times

Comment 4 Andreas Schwab 2012-11-12 17:02:43 UTC

unscd doesn't appear to support services caching.

Comment 5 Bernhard Wiedemann 2012-12-11 08:57:11 UTC

FYI, I opened https://build.opensuse.org/request/show/144377
which I tested on two different machines to give a speedup factor
between 8 and 10.

Comment 6 Bernhard Wiedemann 2012-12-14 13:21:45 UTC

For fun I tested in kvm my old SuSE-8.2 based LiveCD from
http://lsmod.de/bootcd/bmwinux-8.2-040808.iso
with glibc-2.3.2 and xntp-4.1.1
and even without nscd it took only 3ms - way faster than later versions.

strace showed that it opened /etc/services exactly once.

Comment 7 Bernhard Wiedemann 2012-12-28 13:01:39 UTC

filed upstream at
http://bugs.ntp.org/show_bug.cgi?id=2320

Comment 8 Bernhard Wiedemann 2013-01-18 14:00:17 UTC

This is an autogenerated message for OBS integration:
This bug (782060) was mentioned in
https://build.opensuse.org/request/show/148946 Factory / ntp

Comment 9 Peter Varkoly 2014-04-07 09:03:20 UTC

patch applied

Comment 10 Reinhard Max 2015-11-06 09:31:28 UTC

I'll change this patch to use

hints.ai_socktype = SOCK_DGRAM;

as suggested in comment 2, because we're resolving for a UDP socket here, so we should specify that in the query.

Setting the 2nd argument of getaddrinfo() to NULL asks for an arbitrary port rather than the port for NTP (123), and I wonder why this change hasn't broken anything (or it has and we just didn't notice).

BTW, if reading /etc/services once is still too much, we can additionally change "ntp" to "123" and set the AI_NUMERICSRV flag, to disable name resolution on the service argument entirely, as it is already being done for the node argument.

Comment 11 Bernhard Wiedemann 2015-11-15 18:32:32 UTC

(In reply to Reinhard Max from comment #10)
> Setting the 2nd argument of getaddrinfo() to NULL asks for an arbitrary port
> rather than the port for NTP (123), and I wonder why this change hasn't
> broken anything (or it has and we just didn't notice).

getaddrinfo(3) says about the 2nd argument
> If service is NULL, then the port number
> of the returned socket addresses will be left uninitialized.

which is exactly what we want here, because we dont need the port number
and would just throw away the value which we looked up in /etc/services
(unless the surrounding code changed a lot)

Though doing one lookup per IP for UDP would still be a lot better
than the original 10 or so lookups

Comment 13 Swamp Workflow Management 2016-04-28 17:09:04 UTC

SUSE-SU-2016:1175-1: An update that solves 12 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 782060,784760,916617,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981
CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    ntp-4.2.8p6-8.2
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ntp-4.2.8p6-8.2

Comment 14 Swamp Workflow Management 2016-04-28 17:12:38 UTC

SUSE-SU-2016:1177-1: An update that solves 12 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 782060,916617,937837,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981
CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    yast2-ntp-client-3.1.22-6.2
SUSE Linux Enterprise Server 12-SP1 (src):    ntp-4.2.8p6-8.2, yast2-ntp-client-3.1.22-6.2
SUSE Linux Enterprise Desktop 12-SP1 (src):    ntp-4.2.8p6-8.2, yast2-ntp-client-3.1.22-6.2

Comment 15 Swamp Workflow Management 2016-05-06 11:07:58 UTC

SUSE-SU-2016:1247-1: An update that solves 28 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 782060,905885,910063,916617,920238,926510,936327,937837,942587,944300,946386,951559,951608,951629,954982,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981
CVE References: CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    yast2-ntp-client-3.1.12.4-8.2
SUSE Linux Enterprise Server 12 (src):    ntp-4.2.8p6-46.5.2, yast2-ntp-client-3.1.12.4-8.2
SUSE Linux Enterprise Desktop 12 (src):    ntp-4.2.8p6-46.5.2, yast2-ntp-client-3.1.12.4-8.2

Comment 16 Swamp Workflow Management 2016-05-12 19:07:55 UTC

openSUSE-SU-2016:1292-1: An update that solves 12 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 782060,916617,937837,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981
CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158
Sources used:
openSUSE Leap 42.1 (src):    ntp-4.2.8p6-15.1, yast2-ntp-client-3.1.22-6.1

Comment 17 Swamp Workflow Management 2016-05-17 13:09:29 UTC

SUSE-SU-2016:1311-1: An update that solves 30 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 782060,784760,905885,910063,916617,920183,920238,926510,936327,937837,942441,942587,943216,943218,944300,946386,951351,951559,951608,951629,954982,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981
CVE References: CVE-2015-5194,CVE-2015-5219,CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158
Sources used:
SUSE OpenStack Cloud 5 (src):    ntp-4.2.8p6-41.1
SUSE Manager Proxy 2.1 (src):    ntp-4.2.8p6-41.1
SUSE Manager 2.1 (src):    ntp-4.2.8p6-41.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    ntp-4.2.8p6-41.1
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    ntp-4.2.8p6-41.1, yast2-ntp-client-2.17.14.1-1.12.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    ntp-4.2.8p6-41.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    ntp-4.2.8p6-41.1

Comment 18 Bernhard Wiedemann 2016-05-18 10:00:15 UTC

This is an autogenerated message for OBS integration:
This bug (782060) was mentioned in
https://build.opensuse.org/request/show/396591 13.2 / ntp

Comment 19 Swamp Workflow Management 2016-05-27 13:15:53 UTC

openSUSE-SU-2016:1423-1: An update that fixes 37 vulnerabilities is now available.

Category: security (moderate)
Bug References: 782060,905885,910063,916617,920238,926510,936327,942587,944300,946386,951559,951608,951629,954982,956773,957226,962318,962784,962802,962960,962966,962970,962988,962995,963000,963002,975496,977446,977450,977451,977452,977455,977457,977458,977459,977461,977464
CVE References: CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158,CVE-2016-1547,CVE-2016-1548,CVE-2016-1549,CVE-2016-1550,CVE-2016-1551,CVE-2016-2516,CVE-2016-2517,CVE-2016-2518,CVE-2016-2519
Sources used:
openSUSE 13.2 (src):    ntp-4.2.8p7-25.15.1

Comment 20 Swamp Workflow Management 2016-06-14 15:33:08 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-06-21.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62822

Comment 21 Swamp Workflow Management 2016-07-29 17:08:56 UTC

SUSE-SU-2016:1912-1: An update that solves 43 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 782060,784760,905885,910063,916617,920183,920238,920893,920895,920905,924202,926510,936327,943218,943221,944300,951351,951559,951629,952611,957226,962318,962784,962802,962960,962966,962970,962988,962995,963000,963002,975496,977450,977451,977452,977455,977457,977458,977459,977461,977464,979302,981422,982056,982064,982065,982066,982067,982068,988417,988558,988565
CVE References: CVE-2015-1798,CVE-2015-1799,CVE-2015-5194,CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8158,CVE-2016-1547,CVE-2016-1548,CVE-2016-1549,CVE-2016-1550,CVE-2016-1551,CVE-2016-2516,CVE-2016-2517,CVE-2016-2518,CVE-2016-2519,CVE-2016-4953,CVE-2016-4954,CVE-2016-4955,CVE-2016-4956,CVE-2016-4957
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    ntp-4.2.8p8-0.7.1